CheapSCAte: Attacking IoT with Less than $60


Posted on in Presentations

The common assumption is that the physical attacks are impossible to conduct by an entry-level hacker. This talk will challenge this belief by showing that with only open-source tooling and dirt-cheap equipment, it is possible to successfully attack such devices. This session will show how to extract AES key with SCA and bypass a security check with FI on a real device created for a hardware CTF.

Learning Objectives:
1: Challenge the belief of extreme complexity of hardware attacks.
2: Observe a real-life attack on an IoT device using the cheapest equipment.
3: Learn about a number of ways to mitigate the risk of a physical compromise.

Participants
Rafael Boix Carpi

Participant

Principal Trainer and Security Specialist, Riscure


Share With Your Community